Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS206668.roa
File: AS206668.roa (raw, json)
Hash identifier: rMnFA8VLp6RuDlS/uhK77qG2xUcSXSExn1GwJqcMwsE=
Subject key identifier: 2F:3E:D1:05:55:EA:E6:15:5A:EE:85:16:81:C9:0F:06:F5:2D:EA:ED
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 3BFA95CE633AAA7FEA20A44325AC0C432F079D53
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS206668.roa
Signing time: Sat 07 Feb 2026 15:53:47 +0000
ROA not before: Sat 07 Feb 2026 15:48:47 +0000
ROA not after: Sat 06 Feb 2027 15:53:47 +0000
asID: 206668
IP address blocks: 185.231.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:fa:95:ce:63:3a:aa:7f:ea:20:a4:43:25:ac:0c:43:2f:07:9d:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Feb 7 15:48:47 2026 GMT
Not After : Feb 6 15:53:47 2027 GMT
Subject: CN=2F3ED10555EAE6155AEE851681C90F06F52DEAED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:fc:ef:06:53:f3:d1:08:eb:72:90:90:28:c4:
b6:bb:2b:e8:47:b2:88:c6:04:68:c4:62:94:ed:59:
fb:df:e9:9b:01:d8:28:7d:4b:54:1c:35:bd:53:a2:
b0:32:cf:29:ce:17:4a:6d:81:d7:e9:3c:73:3b:bd:
a2:a9:19:33:e5:6b:9d:4a:17:58:31:ca:fc:2e:de:
b0:ce:36:22:a4:f4:af:7c:87:fe:4e:02:d2:72:6f:
a4:c1:3f:0f:fd:71:4c:6f:9c:3b:30:02:d3:33:5f:
5a:98:6d:db:42:ec:86:f3:94:3d:b8:3a:80:0e:59:
b6:8e:29:92:5c:eb:32:be:5a:f1:2e:58:29:86:06:
6e:47:d0:aa:ec:13:32:cc:33:32:05:a3:b9:d3:5f:
bf:5b:eb:58:e5:ea:6d:3d:81:e8:9c:6b:7d:34:fd:
e0:25:16:83:10:84:3e:72:db:ac:bb:9a:aa:c2:8f:
5c:87:d3:01:e6:90:aa:f3:47:b0:c9:b1:20:1f:63:
74:fd:25:e8:25:a9:b4:34:cb:56:03:68:cf:ff:60:
45:8e:3c:ed:b5:ac:68:22:0f:76:56:1c:70:10:fb:
f7:c8:0f:00:f6:c6:32:4e:c7:04:f0:5c:f6:5a:0e:
0b:b0:c1:cb:4f:bc:09:04:52:9c:da:52:40:ec:4d:
30:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3E:D1:05:55:EA:E6:15:5A:EE:85:16:81:C9:0F:06:F5:2D:EA:ED
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS206668.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.225.0/24
Signature Algorithm: sha256WithRSAEncryption
60:49:d8:b6:2e:20:43:5a:8e:bd:28:82:18:9b:ff:77:cd:11:
d3:28:88:e2:0e:2a:ab:b3:d1:c8:48:12:b8:d5:29:02:d3:c0:
6b:5f:96:e6:96:4c:c4:f9:90:9d:32:be:66:43:ba:f6:82:2c:
21:c5:bc:49:4b:30:d8:4a:be:67:a1:84:61:0b:8f:11:08:d9:
b3:d4:c5:0c:5b:d6:60:68:fd:c4:85:3f:a0:b2:71:9e:2c:4a:
8d:67:34:01:2e:3c:0b:6e:c2:65:f7:57:a5:f8:c8:39:17:10:
87:44:34:91:a0:4a:69:f2:65:b1:c3:af:99:b4:15:e9:29:aa:
e3:02:e8:e6:e2:37:73:ae:b7:d1:a9:d2:0f:67:54:b2:b0:f0:
0a:9c:ef:a1:b6:09:91:be:fa:4c:76:bd:23:16:54:18:e0:50:
88:b7:6a:c5:7b:fa:1b:a1:6f:93:64:c2:f5:9c:a1:e7:1c:81:
6b:ff:23:6c:c4:3e:f9:63:47:c3:8e:4e:03:d5:76:8c:73:8e:
1d:10:93:6b:0f:f4:e9:83:3b:51:3e:41:cc:d2:a9:4a:7c:06:
53:5f:74:a5:26:59:ac:35:5a:7a:43:3b:a6:ca:e5:f4:77:00:
5c:90:7b:b6:c7:ab:11:89:03:a7:f8:b5:c6:37:32:98:d2:e1:
8d:df:e0:ea
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUO/qVzmM6qn/qIKRDJawMQy8HnVMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjAyMDcxNTQ4NDdaFw0yNzAyMDYxNTUzNDdaMDMxMTAvBgNV
BAMTKDJGM0VEMTA1NTVFQUU2MTU1QUVFODUxNjgxQzkwRjA2RjUyREVBRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV/O8GU/PRCOtykJAoxLa7K+hH
sojGBGjEYpTtWfvf6ZsB2Ch9S1QcNb1TorAyzynOF0ptgdfpPHM7vaKpGTPla51K
F1gxyvwu3rDONiKk9K98h/5OAtJyb6TBPw/9cUxvnDswAtMzX1qYbdtC7IbzlD24
OoAOWbaOKZJc6zK+WvEuWCmGBm5H0KrsEzLMMzIFo7nTX79b61jl6m09geica300
/eAlFoMQhD5y26y7mqrCj1yH0wHmkKrzR7DJsSAfY3T9JeglqbQ0y1YDaM//YEWO
PO21rGgiD3ZWHHAQ+/fIDwD2xjJOxwTwXPZaDguwwctPvAkEUpzaUkDsTTD7AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQULz7RBVXq5hVa7oUWgckPBvUt6u0wHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMjA2NjY4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuefh
MA0GCSqGSIb3DQEBCwUAA4IBAQBgSdi2LiBDWo69KIIYm/93zRHTKIjiDiqrs9HI
SBK41SkC08BrX5bmlkzE+ZCdMr5mQ7r2giwhxbxJSzDYSr5noYRhC48RCNmz1MUM
W9ZgaP3EhT+gsnGeLEqNZzQBLjwLbsJl91el+Mg5FxCHRDSRoEpp8mWxw6+ZtBXp
KarjAujm4jdzrrfRqdIPZ1SysPAKnO+htgmRvvpMdr0jFlQY4FCIt2rFe/oboW+T
ZML1nKHnHIFr/yNsxD75Y0fDjk4D1XaMc44dEJNrD/TpgztRPkHM0qlKfAZTX3Sl
JlmsNVp6QzumyuX0dwBckHu2x6sRiQOn+LXGNzKY0uGN3+Dq
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:35:04 2026 by rpki-client